Who we are looking for

An Information Security Officer (ISO) who will be an integral part of a team responsible for ensuring the security of the business and functional teams in line with the company security policy and risk tolerance.

​

Other key relationships:

• Information Security Officers
• Business and Functional Technical Leaders
• Cyber Transformation Office
• Collaboration with 3LOD – Business, Compliance, Risk Management, Corporate Audit
• Regional CISO’s

​

This role can potentially be performed fully remotely from home within the US area.

​

Why this role is important to us

Our technology function, Global Technology Services (GTS), is vital to State Street and is the key enabler for our business to deliver data and insights to our clients. We’re driving the company’s digital transformation and expanding business capabilities using industry best practices and advanced technologies such as cloud, artificial intelligence, and robotics process automation.

​

We offer a collaborative environment where technology skills and innovation are valued in a global organization. We’re looking for top technical talent to join our team and deliver creative technology solutions that help us become an end-to-end, next-generation financial services company.

​

Join us if you want to grow your technical skills, solve real problems and make your mark on our industry.

​

About State Street

What we do. State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation, we’re making our mark on the financial services industry. For more than two centuries, we’ve been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.

​

Work, Live and Grow. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary by location, but you may expect generous medical care, insurance and savings plans, among other perks. You’ll have access to flexible Work Programs to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential.

​

Inclusion, Diversity and Social Responsibility. We truly believe our employees’ diverse backgrounds, experiences and perspectives are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift programs and access to employee networks that help you stay connected to what matters to you.

​

State Street is an equal opportunity and affirmative action employer.

​

Salary Range:

$120,000 - $187,500 Annual

​

The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

• Consistently and effectively engage with Technology and Business leadership to embed security into their strategic and tactical plans.
• Champion the Information Security mandates acting as a liaison between Global Cybersecurity (GSC) and BU’s.
• Actively promote and deliver on the ISO program and its mission.
• Ability to operate autonomously with minimal directions or instructions to fully partner and to support responsible BU’s.
• Being a Trusted Cybersecurity Risk Adviser to the BU leadership team in all technical & cyber risk matters.
• Positioning security within the business with the ability to communicate in non-technical terminology.
• Create ambassadorship programs down in the business to ensure security is a partnership.
• Assist in the development and successful outcomes of Security KPI/KRI that drive control effectiveness.
• Report security performance and create visibility through effective metrics and reporting.
• Directly support technical security assessments & recommend remediation plan for the partnering BU’s.
• Participate in Information Security and 3rd Party Risk Management (TPRM) assessment for assigned BU.
• An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner to all levels of target audience from executives to technical staff.
• Delivery of effective security outcomes that drives improvements of security within the business.
• Participate actively in decision making with management and seek to understand the broader impact of current decisions.
• Create and deliver effective presentations as a means for communicating project and deliverable progress at all levels of target audience.
• Build and nurture positive working relationships with BU’s with the intention to exceed expectations.
• Work cross-functionally with team members to support and enhance collaborative environment.
• Manage the trade-offs required to manage the various levels of risk tolerance and risk exposure across the organization and balance this with risk investments.
• Partner with BU Leadership to identify, evaluate, and address cyber security risks.
• Ensures and monitors security compliance with industry and government rules and regulations.
• Coordinates with technology and business groups to assess, implement, and monitor IT-related security risks.
• Promote information security awareness program to ensure staff members across the organization understand the trade-off between risk and return.
• Understands “voice of the customer” and develops mechanisms to proactively sense adoption and usage patterns by end users so that policy can align with need.
• Stay up to date on present and emerging security trends, technology, & threats.
• Guide and mentor junior but technical staff in all information technology and cyber risk matters.

Education & Preferred Qualifications

• 10+ years of experience in information security (cybersecurity) and related technology experience required.
• Bachelor’s degree in a technical field (e.g., Computer Science, Engineering, IT, etc.)
• CISSP, CRISC, CISM, CISA, or similar certifications are required.
• Highly regulated environment experience, preferably financial services.

Additional requirements

Travel up to 10% may be required.

​

Are you the right candidate? Yes!

We truly believe in the power that comes from the diverse backgrounds and experiences our employees bring with them. Although each vacancy details what we are looking for, we don’t necessarily need you to fulfil all of them when applying. If you like change and innovation, seek to see the bigger picture, make data driven decisions and are a good team player, you could be a great fit.

​

Job Application Disclosure:

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

​

State Street's Speak Up Line

Summary Information about the Role and Company Overview

​

We are seeking a Navy Veteran with extensive Air and Ballistic Missile Defense operational and training experience to support the Naval Surface and Mine Warfighting Development Center (SMWDC) Surface Advanced Warfighting School (SAWS) as a Tactics Mentor for the Integrated Air and Missile Defense (IAMD) Warfare Tactics Instructor (WTI) program.

We need the rare skill set you have acquired in the Air and Ballistic Missile Defense warfare area to support schoolhouse instruction and performance analysis of surface ship tactical readiness and operational capability through data collection and analysis of performance metrics. This position will develop, evaluate, and update curricula for all SMWDC assigned surface force mission areas. In this role you will provide critical insight and evaluation to existing training materials and procedures ultimately resulting in crucial recommendations that will ensure technical accuracy, usability, and quality standards.

​

Equal Opportunity Employer/Veterans/Disabled: Sigma Defense Systems is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

NA

Required Qualifications

​

• 10+ years of experience in the AD/BMD Mission area; with a minimum of 5 years of experience onboard an AEGIS DDG and/or CG.
• Strike Group, Fleet, or Major Training Command, Systems Testing Command, or similar military organization planning experience.
• Qualified and experienced in a watch station with the authority to employ the AEGIS Weapons System (i.e., TAO, Air Warfare Coordinator (AAWC)).
• Possess a Tactical Action Officer Qualification letter or BMD Watch Officer Qualification letter with a minimum of 3 years of experience.
• Candidate must possess or have the ability to obtain an active TS/SCI security clearance.
• Experience with Microsoft Office suite of programs (Access, Excel, Power Point, Project, and Word).

​

Preferred Qualifications

​

• Experience as a WTI (IAMD) qualified officer preferred. Aviation Officer qualification is acceptable.
• Experience with qualitative and quantitative assessment methods to support war-fighting readiness, capabilities, and capacity evaluations.

Salary Range

• $110,000 - $130,000 annually.

​

Benefits

• Dental and Vision Insurance
• Medical Insurance to Include HSA, FSA, and DFSA Plans
• Life and AD&D coverage
• Employee Assistance Program (EAP)
• 401(k) Plan with Company Matching Contributions
• 160 Hours of Paid Time Off (PTO)
• 12 (Floating) Holidays
• Educational Assistance
• Highly Competitive Salary

Global Risk and Security

Global Risk and Security (GR&S) at Vanguard enables business strategy, protects client and Vanguard interests (e.g., assets and data), and stewards a strong risk culture. Our teams leverage enterprise-wide insights, deep expertise, and trusted advice so that across Vanguard leaders and crew drive faster, stronger, risk-informed decisions.

​

Within GR&S, the Enterprise Security and Fraud (ES&F) sub-division is responsible for the global protection of Vanguard crew, property, data, and client assets. We are the trusted advisors that protect the pride of Vanguard with state-of-the-art security and fraud capabilities.

​

The Sr. Cloud Security Engineer will provide expert level system analysis, design, development, and implementation of Identity Solutions. Identifies, resolves, or brings up security and software opportunities, vulnerabilities, and defects.

​

About Vanguard

At Vanguard, we don't just have a mission—we're on a mission.

​

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

​

Our commitment to diversity, equity, and inclusion

​

Vanguard’s commitment to diversity, equity, and inclusion (DEI) is central to our ability to deliver on our mission. We aspire to create a work environment that is inclusive, equitable, and diverse—one that enables our employees, whom we call crew, to thrive and bring their best selves to work every day on behalf of our clients.

​

Cultivating DEI lifts our entire organization, and everyone shares accountability for our progress—from our senior leaders who lay the foundation and set the example for inclusive behaviors to crew who are growing in their personal DEI learning experiences.

​

Together, we’re on a mission. We are fueled by the value of diverse voices and connected through friendships and a culture of care—for our clients, our communities, and each other.

​

Vanguard’s DEI journey has no finish line. Our commitment is enduring, and we remain focused on the path ahead. To learn more about Vanguard goals and progress toward DEI, download our Diversity, Equity, and Inclusion Report.

​

How We Work:

​

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.

• Collaborate with multi-functional teams to architect and implement authentication solutions using Ping Federate, SiteMinder, Auth0 or other similar tools.
• Provide domain expertise in SAML, OIDC, OAuth, MFA, FIDO2 and LDAP.
• Require experience consuming, developing, integrating, and documenting REST API’s and its specifications.
• Elevate code into the development, test, and production environments on schedule. Provides follow-up production support and submit change control requests and documents.
• Provide domain expertise in software development methodology and development architecture standards. Mentors and trains staff with less experience. Resolves elevated issues and recommends enterprise-wide improvements.
• Participate in design, code, and test inspections throughout the life cycle to identify and fix issues. Explains technical considerations at related meetings, including those with internal clients.
• Thoroughly understand client business functions and technology needs. Has a broad and deep understanding of Vanguard's technologies, tools, and applications, including those that collaborate with business area and systems. Is well-versed on the latest technologies and tools supporting software development in the industry.
• Thoroughly understand and aligns with Information Technology and Information Security policies and procedures and verifies that deliverables meet requirements.
• Ensure implementation solutions support architecture objectives (e.g., availability, scalability, performance, security, etc.), as appropriate.
• Work with CPaaS solutions such as Twilio, Telesign for last-mile delivery of security codes.
• Act as a domain expert (SME) on LDAP technologies and standard processes.
• Integrate LDAP services with authentication platforms (e.g., SSO, MFA, IAM solutions).
• Participate in special projects and perform other duties as assigned.

Required Qualifications:

• Minimum of eight years’ experience in Identity and Access Management preferably in Financial Services domain
• Subject Matter Expert in SAML, OIDC, OAuth, MFA, FIDO2 and LDAP
• Undergraduate degree in a related field or the equivalent combination of training and experience.

Special Factors

This is a hybrid role with Tues, Wed, Thurs in the office and Mon, Fri is remote.

​

Sponsorship

Vanguard is offering visa sponsorship for this position.